CVE-2023-28811

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 23, 2023

Updated: Dec 8, 2023

CWE ID 120

Summary

CVE-2023-28811 is a buffer overflow vulnerability affecting Hikvision Network Video Recorders (NVR) and Digital Video Recorders (DVR). The issue lies in the password recovery feature, which could be exploited by attackers on the same local area network (LAN). By sending maliciously crafted packets to an unpatched device, they could cause the device to malfunction, potentially leading to unauthorized access or denial of service. This vulnerability poses a significant risk and requires immediate patching to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tddXxD
https://www.cve.org/CVERecord?id=CVE-2023-28811
https://nvd.nist.gov/vuln/detail/CVE-2023-28811

Back to Vulnerability Database

CVE-2023-28811

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations